___________________________________________________________________________

	    Caldera International, Inc. Security Advisory

Subject:		REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted password disclosure
Advisory number: 	CSSA-2002-SCO.5.1
Issue date: 		2002 February 18
Cross reference:	CSSA-2001-SCO.5
___________________________________________________________________________


1. Problem Description

	The first  version of this  advisory specifically  mentioned a
	file  that was,  indeed, readable by others  and contained the
	encrypted root password, but the directories leading up to  it
	were   not   searchable.   Therefore,   it  was  not   a  true
	vulnerability.  After  some research,  Caldera  has discovered
	files   that   are  accessible  to  others   that  do  contain
	information  that might be  used to  compromise  the  system's
	security.
	
	After installation  of  the product,  several  files  are left
	readable  by  all  users.  These  files contain,  among  other
	things, encrypted passwords.


2. Vulnerable Supported Versions

	Operating System	Version		Affected Files
	------------------------------------------------------------------
	UnixWare 7		All		/usr/ns-home/admserv/admpw 
						/usr/internet/httpd/admserv/admpw
	Open UNIX		8.0.0		/usr/ns-home/admserv/admpw
						/usr/internet/httpd/admserv/admpw
						/var/sadm/pkg/update800/install/morepkgs/scripts/debug.out
	OpenServer		All		/var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
						/var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file
						/usr/internet//ns_httpd/admserv/admpw*
						/usr/internet/lib/ns_admin/config/admpw*

3. Solution

	3.1 UnixWare 7

		Caldera  recommends  that all  affected systems change
		the  file modes of the following files to  be readable
		only by root:

		# chmod 400 /usr/ns-home/admserv/admpw
		# chmod 400 /usr/internet/httpd/admserv/admpw

		In addition,  Caldera also recommends that you  change
		the root and owner passwords.

	3.2 Open UNIX

		Caldera  recommends  that all  affected systems change
		the  file modes of the following files to  be readable
		only by root:

		# chmod 400 /usr/ns-home/admserv/admpw
		# chmod 400 /usr/internet/httpd/admserv/admpw
		# chmod 400 /var/sadm/pkg/update800/install/morepkgs/scripts/debug.out

		In addition,  Caldera also recommends that you  change
		the root and owner passwords.

	3.3 OpenServer

		Caldera  recommends that  all affected systems  change
		the file  modes of the  following files to be readable
		only by root:

		# chmod 400 /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
		# chmod 400 /var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file
		# chmod 400 /usr/internet//ns_httpd/admserv/admpw*
		# chmod 400 /usr/internet/lib/ns_admin/config/admpw*
		# chmod 400 /usr/internet/admin/access/.htpasswd
		# chmod 400 /var/opt/K/SCO/Atlasadm/*/mana/.htpasswd


		In addition,  Caldera also recommends that  you change
		the root password.

	
4. References

	ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.5.1/

	This and other advisories are located at
		http://stage.caldera.com/support/security

	This advisory  addresses  Caldera Security  internal  incident
	sr860350.


5. Disclaimer

	Caldera International, Inc.  is not responsible for the misuse
	of any  of the  information we provide on  our website  and/or
	through our security advisories.  Our advisories are a service
	to our  customers intended  to promote secure installation and
	use of Caldera International products.


6. Acknowledgements

	Caldera  wishes  to  thank  the  efforts  of   Derryle   Gogel
	<gogeld@citifinancial.com>,   who   gave  us  the  impetus  to
	investigate this issue more thoroughly.

	 
___________________________________________________________________________